search for: xauthfiles

Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>

This issue has been discussed here and elsewhere a fair bit in the past year or so, but to re-address the issue... As of OpenSSH 2.9.something the ability to have an Xauthority located in /tmp was removed, with the following description in the ChangeLog : - markus at cvs.openbsd.org 2001/06/12 21:21:29 [session.c] remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since

in reply to: 5.1p1 and X11 forwarding failing http://lists.mindrot.org/pipermail/openssh-unix-dev/2009-February/027183.html I have the impression that SSH is running xauth with a filename in a temporary directory that does not exist: local:~ $ ssh -vv user at remote ... debug2: x11_get_proto: /usr/bin/xauth -f /tmp/ssh-VskgWb3776/xauthfile generate :0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200

$ ssh -v OpenSSH_5.1, OpenSSL 0.9.8j 07 Jan 2009 $ ssh -vvv -X example.com [ Relevant debug info: ] debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 [OpenSSH_5.1, OpenSSL 0.9.7j 04 May 2006] debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-TLLOFKxvay/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null Warning: untrusted X11 forwarding

This change allows use of untrusted X11 forwarding (which is more secure) without requiring users to choose a finite timeout after which to refuse new connections. This matches the semantics of the X11 security extension itself, which also treat a validity timeout of 0 on an authentication cookie as indefinite. Signed-off-by: Trixie Able <table at inventati.org> --- clientloop.c | 12

Hello, I know this is likely to give me a brute force attack hit, but the only thing anyone can accomplish by ssh-ing to my machine is to provide me with a tunnel into your machine. So don't bother. Anyway, my server machine is running this: /usr/bin/ssh -X -R ${port}:localhost:22 -o BatchMode=yes \ -o StrictHostKeyChecking=no ${user}@${my_home_machine} On my local machine: ssh -vvv -X

...eck for USE_VHANGUP instead of HAVE_VHANGUP. Don't call I_PUSH ioctl's under Cygwin. - readconf.c: Disable check for uid 0 when HAVE_CYGWIN is set. - scp.c: Call tcgetpgrp() instead of ioctl(..., TIOCGPGRP) to get the controlling terminal when HAVE_CYGWIN is set. - session.c: Close xauthfiles immediatly to avoid implicit file lockings on Windows NT systems. Changes in environment setting. Disable check for uid 0 when HAVE_CYGWIN is set. Don't call xauth with `.../unix' syntax under Cygwin. - ssh.c: Disable setrlimit call under Cygwin. Take care for `.exe' file e...

I have found that this server, <snip> debug1: Remote protocol version 1.99, remote software version 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS debug1: no match: 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS </snip> does not follow the IETF secsh draft [1] related to the SSH_MSG_USERAUTH_PASSWD_CHANGEREQ message. <snip> ... Normally, the server responds

Here's a patch for a feature I'm used to having in the old commercial ssh. It checks for usernames the file /etc/nologin.allow when /etc/nologin is in place, and lets the users mentioned in /etc/nologin.allow in regardless of /etc/nologin. This is very usefull for remote administration of servers. Please consider applying this. -jf -------------- next part -------------- ---

...E_VHANGUP explicitely if HAVE_CYGWIN is set. Don't call I_PUSH ioctl's under Cygwin. - readconf.c: Disable check for uid 0 when HAVE_CYGWIN is set. - scp.c: Call tcgetpgrp() instead of ioctl(..., TIOCGPGRP) to get the controlling terminal when HAVE_CYGWIN is set. - session.c: Close xauthfiles immediatly to avoid implicit file lockings on Windows NT systems. Changes in environment setting. Disable check for uid 0 when HAVE_CYGWIN is set. Don't call xauth with `.../unix' syntax under Cygwin. - ssh.c: Disable setrlimit call under Cygwin. Take care for `.exe' file e...

...care for include files. Add a define for O_BINARY. - loginrec.c: Add O_BINARY to open calls. - pty.c: Don't call I_PUSH ioctl's under Cygwin. - scp.c: Add O_BINARY to open calls. Call tcgetpgrp() instead of ioctl(..., TIOCGPGRP) to get the controlling terminal. - session.c: Close xauthfiles immediatly to avoid implicit file lockings on Windows NT systems. Changes in environment setting. Disable check for uid 0. Don't call xauth with `.../unix' syntax under Cygwin. - ssh.c: Disable setrlimit call under Cygwin. Take care for `.exe' file extension. We (the Cygwi...

Hello, I am new at ssh, think it is a simple config problem, but have not found the error. Wenn I connect from an client (winpc vai cygwin) to server A (hpup) the connectionon and xlogo ist okay. Wenn I connect from the same client to server B I got the following error message. The problem is only by starting xlogo, the connection via ssh to Server A+B ist okay. The sshd_config on server a+b is

Okay, here is a fixed version of the patch I sent before for fixing the problems I know about with Digital Unix SIA: displaying too much info (MOTD, last login, etc.) when access is denied, and the loss of the error message sometimes when access is denied. It does break some code out of do_login into a couple of separate functions. I did this to avoid duplicating the code in a couple of places.

Hi all, I have just successfully ported openssh-2.1.0p3 to Cygwin. As you may know, Cygwin is a GPLed POSIX layer for Windows OSes. To be serious: I don't _like_ Windows systems and sometimes I really hate that STUPID concessions which are necessary when trying to get U*X software working on Windoze but for some reason that's exactly the reason, why I love to work on Cygwin! Porting to

Dear OpenSSH porting developers, finally I succeded in porting OpenSSH to QNX 4. To get things going I had to take over some definitions from Linux' include files, since they are not available under QNX (e.g. the howmany makro, NFDBITS, the lastlog structure). With this email I send a patch with all my changes as well as the file "qnx-term.h" which I created because IXANY and

On Thu, Jun 07, 2018 at 06:14:42PM -0700, PGNet Dev wrote: > On 6/7/18 6:08 PM, Darren Tucker wrote: > > Well the intent is you should be able to set CC and LD to whatever you > > want as long as they work. In this case, the OSSH_CHECK_LDFLAG_LINK > > test invokes autoconf's AC_LINK_IFELSE with uses CC not LD. I'm not > > sure what to do about it yet though. I

https://bugzilla.mindrot.org/show_bug.cgi?id=2440 Bug ID: 2440 Summary: X11 connection will fail if user's home directory is read-only Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component: sshd

Verifying a report I just got pinged about, building vanilla openssh 7.7p1 on linux configures ok, but fails build around 'retpoline' I've started looking through recent reports; haven't _yet_ found anything similar. While I continue, is any of the following familiar/expected? Either known bug/issue or env conflict? The current env includes supposedly retpoline-ready GCC 8.1.1,